manuth/ASBTutorials
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: manuth:a2393f21cb39be580275f889b0c650cac3b2496a
Branches Tags
manuth:main
..
compare: manuth:c86a09178702627330d3567a1ac2d4650337aeea
Branches Tags
manuth:main

2 commits
a2393f21cb ... c86a091787

Author SHA1 Message Date
Manuel Thalmann
c86a091787 Solve optional data signing task 2023-11-09 12:31:44 +01:00
Manuel Thalmann
9dd9f08163 Add command for verifying certificate chain 2023-11-09 12:31:30 +01:00
1 changed files with 29 additions and 0 deletions
Show stats Expand all files Collapse all files

29
Lab 2 - Certificates/README.md
View file

@ -294,3 +294,32 @@ After that, signing works properly:
```sh
openssl ca -config /root/ca/openssl.cnf -extensions v3_intermediate_ca -days 3650 -notext -md sha256 -in intermediate.req -out intermediate.cer
```
Check the output:
```sh
openssl x509 -in intermediate.cer -noout -text
```
# Signing Data
Create a file with secret content:
```sh
cd /root
vi secret.txt
```
## Create Signature
```sh
# Create and encrypt hash of file
openssl dgst -sha256 -sign /root/ca/private/ca.key.pem -out /tmp/hash.sha256 secret.txt
# Convert hash file to base64
openssl base64 -in /tmp/hash.sha256 -out secret.sig
```
## Verify Signature
Under normal circumstances:
```sh
# Re-create hash file from base64
openssl base64 -d -in secret.sig -out /tmp/hash.sha256
# Check integrity of `secret.txt`
openssl dgst -sha256 -verify /root/ca/ca.key.pem.pub -signature /tmp/hash.sha256 secret.txt
```